npm - @profoundlogic/coderflow-server - Versions diffs - 0.4.8 → 0.5.0 - Mend

@profoundlogic/coderflow-server 0.4.8 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (173) hide show

package/README.md +9 -1
package/dist/README.md +9 -1
package/dist/base-image/Dockerfile +5 -3
package/dist/base-image/entrypoint.sh +76 -2
package/dist/coder-server.js +1 -1
package/dist/config.js +1 -1
package/dist/lib/agent-keepalive.js +1 -1
package/dist/lib/agent-models.js +1 -1
package/dist/lib/api-keys.js +1 -1
package/dist/lib/apiKeys.js +1 -1
package/dist/lib/app-server-ports.js +1 -1
package/dist/lib/auto-judge.js +1 -1
package/dist/lib/automation-service.js +1 -1
package/dist/lib/basic-auth.js +1 -1
package/dist/lib/bindings.js +1 -1
package/dist/lib/build-history.js +1 -1
package/dist/lib/build-output-service.js +1 -1
package/dist/lib/build-scheduler.js +1 -1
package/dist/lib/build-service.js +1 -1
package/dist/lib/ca-certificates.js +1 -1
package/dist/lib/claude-oauth-refresh.js +1 -1
package/dist/lib/cli/build.js +1 -1
package/dist/lib/cli/config-command.js +1 -1
package/dist/lib/cli/config.js +1 -1
package/dist/lib/cli/create-user.js +1 -1
package/dist/lib/cli/init.js +1 -1
package/dist/lib/cli/jira.js +1 -1
package/dist/lib/cli/license.js +1 -1
package/dist/lib/cli/migrate-rbac.js +1 -0
package/dist/lib/cli/server-manager.js +1 -1
package/dist/lib/config-migration.js +1 -1
package/dist/lib/container-credential-sync.js +1 -1
package/dist/lib/container-tokens.js +1 -1
package/dist/lib/data-dir.js +1 -1
package/dist/lib/deployment-history.js +1 -1
package/dist/lib/deployment-service.js +1 -1
package/dist/lib/docker-utils.js +1 -1
package/dist/lib/email.js +1 -1
package/dist/lib/emailTemplates.js +1 -1
package/dist/lib/entitlement.js +1 -1
package/dist/lib/external-connections.js +1 -0
package/dist/lib/fetch-utils.js +1 -1
package/dist/lib/git-commit-details-route.js +1 -1
package/dist/lib/git-history-diff-guardrails.js +1 -1
package/dist/lib/git-provider-service.js +1 -1
package/dist/lib/git-provider-setup/github-setup-handler.js +1 -1
package/dist/lib/git-provider-setup/index.js +1 -1
package/dist/lib/git-provider-setup/setup-factory.js +1 -1
package/dist/lib/git-provider-setup/setup-interface.js +1 -1
package/dist/lib/git-providers/azure-devops-provider.js +1 -1
package/dist/lib/git-providers/github-app-provider.js +1 -1
package/dist/lib/git-providers/index.js +1 -1
package/dist/lib/git-providers/provider-factory.js +1 -1
package/dist/lib/git-providers/provider-interface.js +1 -1
package/dist/lib/github-urls.js +1 -1
package/dist/lib/group-objective-linking.js +1 -1
package/dist/lib/jira-client.js +1 -1
package/dist/lib/judge-blinding.js +1 -1
package/dist/lib/logger.js +1 -1
package/dist/lib/migration-to-scoped-rbac.js +1 -1
package/dist/lib/model-fetcher.js +1 -1
package/dist/lib/notifications.js +1 -1
package/dist/lib/objective-context.js +1 -1
package/dist/lib/oidc-auth.js +1 -1
package/dist/lib/oidc-device-flow.js +1 -1
package/dist/lib/passwordTokens.js +1 -1
package/dist/lib/permission-resolver.js +1 -1
package/dist/lib/pin-cascade.js +1 -1
package/dist/lib/provider-accounts.js +1 -1
package/dist/lib/provider-oauth.js +1 -1
package/dist/lib/provider-profile.js +1 -1
package/dist/lib/provider-token-refresh.js +1 -1
package/dist/lib/rbac-user-state.js +1 -0
package/dist/lib/request-url.js +1 -1
package/dist/lib/rewind.js +1 -1
package/dist/lib/role-definitions.js +1 -1
package/dist/lib/roles.js +1 -1
package/dist/lib/scoped-rbac-migration-runner.js +1 -0
package/dist/lib/secrets.js +1 -1
package/dist/lib/setup-repo-git-auth.js +1 -1
package/dist/lib/state-capture.js +1 -1
package/dist/lib/static-files.js +1 -1
package/dist/lib/task-name-format.js +1 -1
package/dist/lib/task-name-generator.js +1 -1
package/dist/lib/task-source-metadata.js +1 -1
package/dist/lib/teams.js +1 -1
package/dist/lib/user-git-oauth.js +1 -1
package/dist/lib/user-git-tokens.js +1 -1
package/dist/lib/users.js +1 -1
package/dist/middleware/requireAuth.js +1 -1
package/dist/middleware/requireInit.js +1 -1
package/dist/middleware/requirePermission.js +1 -1
package/dist/package.json +2 -1
package/dist/playwright.config.js +1 -1
package/dist/routes/apiKeys.js +1 -1
package/dist/routes/auth-oidc.js +1 -1
package/dist/routes/auth.js +1 -1
package/dist/routes/automations.js +1 -1
package/dist/routes/bindings.js +1 -1
package/dist/routes/build.js +1 -1
package/dist/routes/containers.js +1 -1
package/dist/routes/deploy-task.js +1 -1
package/dist/routes/environment-management.js +1 -1
package/dist/routes/environments.js +1 -1
package/dist/routes/external-skills.js +1 -1
package/dist/routes/git-credentials.js +1 -1
package/dist/routes/git-oauth.js +1 -1
package/dist/routes/git-provider-setup.js +1 -1
package/dist/routes/health.js +1 -1
package/dist/routes/jira.js +1 -1
package/dist/routes/objective-management.js +1 -1
package/dist/routes/password.js +1 -1
package/dist/routes/prompt.js +1 -1
package/dist/routes/provider-auth.js +1 -1
package/dist/routes/qa.js +1 -1
package/dist/routes/roles.js +1 -1
package/dist/routes/settings.js +1 -1
package/dist/routes/skill-management.js +1 -1
package/dist/routes/skills.js +1 -1
package/dist/routes/tasks.js +1 -1
package/dist/routes/teams.js +1 -1
package/dist/routes/templates.js +1 -1
package/dist/routes/test-task.js +1 -1
package/dist/routes/test.js +1 -1
package/dist/routes/users.js +1 -1
package/dist/routes/visualizations.js +1 -1
package/dist/scripts/create-user.js +1 -1
package/dist/scripts/migrate-config-to-data-dir.js +1 -1
package/dist/scripts/migrate-to-scoped-rbac.js +1 -1
package/dist/start.js +1 -1
package/dist/web-ui/public/activity-detail-modal.js +1 -1
package/dist/web-ui/public/activity-feed.js +1 -1
package/dist/web-ui/public/activity-formatters.js +1 -1
package/dist/web-ui/public/agent-event-parser.js +1 -1
package/dist/web-ui/public/app.js +1 -1
package/dist/web-ui/public/approve-dialog.js +1 -1
package/dist/web-ui/public/automation-links.js +1 -1
package/dist/web-ui/public/automation-schedule.js +1 -1
package/dist/web-ui/public/comments-widget.js +1 -1
package/dist/web-ui/public/diff-utils.js +1 -1
package/dist/web-ui/public/docs/admin/environments.md +75 -0
package/dist/web-ui/public/docs/admin/installation.md +9 -1
package/dist/web-ui/public/environments.css +356 -0
package/dist/web-ui/public/environments.html +316 -0
package/dist/web-ui/public/environments.js +1 -1
package/dist/web-ui/public/feedback-widget.js +1 -1
package/dist/web-ui/public/git-history-lazy-utils.js +1 -1
package/dist/web-ui/public/git-history.js +1 -1
package/dist/web-ui/public/git-status.js +1 -1
package/dist/web-ui/public/index.js +1 -1
package/dist/web-ui/public/login.js +1 -1
package/dist/web-ui/public/markdown-editor.js +1 -1
package/dist/web-ui/public/markdown-file-editor.js +1 -1
package/dist/web-ui/public/modal-maximize.js +1 -1
package/dist/web-ui/public/notifications.js +1 -1
package/dist/web-ui/public/pr-dialog.js +1 -1
package/dist/web-ui/public/roles.js +1 -1
package/dist/web-ui/public/server-health.js +1 -1
package/dist/web-ui/public/settings.html +1 -2
package/dist/web-ui/public/settings.js +1 -1
package/dist/web-ui/public/setup-password.js +1 -1
package/dist/web-ui/public/skills.js +1 -1
package/dist/web-ui/public/sse-client.js +1 -1
package/dist/web-ui/public/sse-shared-worker.js +1 -1
package/dist/web-ui/public/styles.css +78 -7
package/dist/web-ui/public/task.html +24 -0
package/dist/web-ui/public/task.js +1 -1
package/dist/web-ui/public/teams.js +1 -1
package/dist/web-ui/public/terminal.js +1 -1
package/dist/web-ui/public/theme.js +1 -1
package/dist/web-ui/public/users.js +1 -1
package/dist/web-ui/public/variant-grouping.js +1 -1
package/package.json +2 -1

package/README.md CHANGED Viewed

@@ -108,6 +108,12 @@ coder-server init mycompany-coder-setup
 This creates a `mycompany-coder-setup` directory with the required structure and initializes it as a git repository.
+Then configure the server to locate the setup directory using a command like this, specifying the path to the setup directory:
+```bash
+coder-server config set coder_setup_path mycompany-coder-setup
+```
 #### Install License
 ```bash
@@ -117,11 +123,13 @@ coder-server license set <your-license-key>
 #### Create Admin User
 ```bash
-coder-server create-user --username=admin --email=admin@example.com --name="Admin User" --role=admin
+coder-server create-user --username=admin --email=admin@example.com --name="Admin User" --admin
 ```
 You'll be prompted to set a password.
+On a brand-new install, the first created account is automatically granted Server Admin even without `--admin` (this policy is enforced in the shared user service, so it applies across CLI/API/OIDC auto-provisioning paths).
 #### Optional: Configure Server Listen Port and SSL
 By default the server listens on port 3000. To configure an alternate port (e.g. 443):

package/dist/README.md CHANGED Viewed

@@ -108,6 +108,12 @@ coder-server init mycompany-coder-setup
 This creates a `mycompany-coder-setup` directory with the required structure and initializes it as a git repository.
+Then configure the server to locate the setup directory using a command like this, specifying the path to the setup directory:
+```bash
+coder-server config set coder_setup_path mycompany-coder-setup
+```
 #### Install License
 ```bash
@@ -117,11 +123,13 @@ coder-server license set <your-license-key>
 #### Create Admin User
 ```bash
-coder-server create-user --username=admin --email=admin@example.com --name="Admin User" --role=admin
+coder-server create-user --username=admin --email=admin@example.com --name="Admin User" --admin
 ```
 You'll be prompted to set a password.
+On a brand-new install, the first created account is automatically granted Server Admin even without `--admin` (this policy is enforced in the shared user service, so it applies across CLI/API/OIDC auto-provisioning paths).
 #### Optional: Configure Server Listen Port and SSL
 By default the server listens on port 3000. To configure an alternate port (e.g. 443):

package/dist/base-image/Dockerfile CHANGED Viewed

@@ -126,10 +126,12 @@ RUN npm install -g @openai/codex @google/gemini-cli && \
 # System dependencies are already installed above (libasound2, libatk*, etc.)
 RUN su - coder -c "npx playwright install chromium"
-# Pre-install aitool and codermake globally and install licenses for coder user.
+# Pre-install aitool and codermake globally and install licenses for coder user and root.
 RUN npm install -g @profoundlogic/aitool @profoundlogic/codermake && \
-  su - coder -c "aitool --license-set PLX-7KM2D-QN8FX-W5HRP-BJ3TY-2026A" && \
-  su - coder -c "codermake --license-set PLX-4R8N5-KXJM3-DV7WT-YC2HP-2026A"
+    aitool --license-set PLX-7KM2D-QN8FX-W5HRP-BJ3TY-2026A && \
+    codermake --license-set PLX-4R8N5-KXJM3-DV7WT-YC2HP-2026A && \
+    su - coder -c "aitool --license-set PLX-7KM2D-QN8FX-W5HRP-BJ3TY-2026A" && \
+    su - coder -c "codermake --license-set PLX-4R8N5-KXJM3-DV7WT-YC2HP-2026A"
 # Install code-server for web-based VS Code
 RUN curl -fsSL https://code-server.dev/install.sh | sh && \

package/dist/base-image/entrypoint.sh CHANGED Viewed

@@ -687,8 +687,8 @@ generate_task_json() {
     fi
     # Source environment variables set by setup script (e.g., IGNORE_LOCKFILE_CHANGES)
-    if [ -f ~/.bash_env ]; then
-        source ~/.bash_env
+    if [ -f /home/coder/.bash_env ]; then
+        source /home/coder/.bash_env
     fi
     # Generate patches and get repos_changed JSON
@@ -751,6 +751,74 @@ EOF
     log "Task metadata written to $TASK_OUTPUT_DIR/task.json"
 }
+# IBM i build library creation (called from main after repos are updated)
+setup_ibmi_build_library() {
+    # All five env vars must be set (via Docker Env from external-connections.js)
+    if [ -z "${IBMI_HOST}" ] || [ -z "${IBMI_USER}" ] || [ -z "${IBMI_KEY}" ] || [ -z "${IBMI_BUILD_PREFIX}" ] || [ -z "${IBMI_BUILD_HOME}" ]; then
+        return 0
+    fi
+    local IBMI_SSH_OPTS="-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=ERROR -o BatchMode=yes -T"
+    # Generate UUID suffix: strip dashes, remove version/variant nibbles, take first 24 chars
+    local IBMI_RAW_UUID=$(cat /proc/sys/kernel/random/uuid | tr -d '-')
+    local IBMI_BUILD_UUID=$(echo "${IBMI_RAW_UUID:0:12}${IBMI_RAW_UUID:13:3}${IBMI_RAW_UUID:17:15}" | head -c 24 | tr '[:lower:]' '[:upper:]')
+    IBMI_BUILD_SCHEMA="${IBMI_BUILD_PREFIX}_${IBMI_BUILD_UUID}"
+    log "Creating IBM i build library..."
+    # Create schema on IBM i via SSH + QShell db2
+    local IBMI_CMD_OUT
+    IBMI_CMD_OUT=$(echo "db2 \"CREATE SCHEMA ${IBMI_BUILD_SCHEMA}\"" | ssh -i ${IBMI_KEY} ${IBMI_SSH_OPTS} ${IBMI_USER}@${IBMI_HOST} qsh 2>&1)
+    if [ $? -ne 0 ]; then
+        log_error "${IBMI_CMD_OUT}"
+        log_error "Failed to create IBM i build library"
+        return 1
+    fi
+    # Resolve the system library name (10-char *LIB name)
+    IBMI_BUILD_LIBRARY=$(echo "db2 -S \"SELECT SYSTEM_SCHEMA_NAME FROM QSYS2.SYSSCHEMAS WHERE SCHEMA_NAME = '${IBMI_BUILD_SCHEMA}'\"" | ssh -i ${IBMI_KEY} ${IBMI_SSH_OPTS} ${IBMI_USER}@${IBMI_HOST} qsh 2>/dev/null | sed -n '4p' | tr -d '[:space:]')
+    if [ -z "${IBMI_BUILD_LIBRARY}" ]; then
+        log_error "Failed to resolve system library name for schema ${IBMI_BUILD_SCHEMA}"
+        return 1
+    fi
+    export IBMI_BUILD_LIBRARY
+    export IBMI_BUILD_SCHEMA
+    # Tag library with task ID for traceability
+    IBMI_CMD_OUT=$(echo "system \"QSYS/CHGOBJD OBJ(QSYS/${IBMI_BUILD_LIBRARY}) OBJTYPE(*LIB) TEXT('CoderFlow task ${TASK_ID}')\"" | ssh -i ${IBMI_KEY} ${IBMI_SSH_OPTS} ${IBMI_USER}@${IBMI_HOST} /QOpenSys/usr/bin/sh 2>&1)
+    if [ $? -ne 0 ]; then
+        log_error "${IBMI_CMD_OUT}"
+        log_error "Failed to tag build library ${IBMI_BUILD_LIBRARY}"
+    fi
+    log "IBM i build library ${IBMI_BUILD_LIBRARY} created"
+    # Write env vars to .bash_env so other processes (such as terminals) can access them
+    echo "export IBMI_BUILD_LIBRARY=\"${IBMI_BUILD_LIBRARY}\"" >> /home/coder/.bash_env
+    echo "export IBMI_BUILD_SCHEMA=\"${IBMI_BUILD_SCHEMA}\"" >> /home/coder/.bash_env
+    # Initialize codermake (must run from the build home directory)
+    log "Initializing codermake build in ${IBMI_BUILD_HOME}..."
+    local codermake_out
+    codermake_out=$( (cd "${IBMI_BUILD_HOME}" && codermake -t) 2>&1) || true
+    if [ -n "$codermake_out" ]; then
+        log "$codermake_out"
+    fi
+    # Write cleanup script for CMD SIGTERM trap to source
+    # Values are baked in — no conditional check needed since this file is only
+    # written after successful library creation
+    cat > /home/coder/.ibmi_build_cleanup.sh << CLEANUP_EOF
+IBMI_CMD_OUT=\$(ssh -i ${IBMI_KEY} ${IBMI_SSH_OPTS} ${IBMI_USER}@${IBMI_HOST} "qsh -c 'db2 \"DROP SCHEMA ${IBMI_BUILD_SCHEMA} CASCADE\"'" 2>&1)
+if [ \$? -ne 0 ]; then
+    echo "[EXTERNAL-CONN] ERROR: Failed to delete build library ${IBMI_BUILD_LIBRARY}" >&2
+    echo "\${IBMI_CMD_OUT}" >&2
+fi
+CLEANUP_EOF
+}
 # Main execution
 main() {
     timing_checkpoint "main: START"
@@ -862,6 +930,12 @@ main() {
         timing_checkpoint "main: Setup script complete"
     fi
+    # IBM i build library creation (after repos are updated)
+    # Skip if SKIP_INIT is set (e.g., for follow-up tasks where the library already exists)
+    if [ "$SKIP_INIT" != "true" ]; then
+        setup_ibmi_build_library
+    fi
     local exit_code=0
     # Update status to indicate initialization is complete